Feds provide "little or no explanation of how Target Computer will be found."

A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.”

Back in March 2013, the FBI asked the judge to grant a month-long “Rule 41 search and seizure warrant” of a suspect’s computer “at premises unknown” as a way to find out more about these possible violations of “federal bank fraud, identity theft and computer security laws.”

In an unusually public order published this week, Judge Stephen Smith slapped down the FBI on the grounds that the warrant request was overbroad and too invasive. In it, he gives a unique insight as to the government’s capabilities for sophisticated digital surveillance on potential targets. According to the judge’s description of the spyware, it sounds very similar to the RAT software that many miscreants use to spy on other Internet users without their knowledge. (Ars editor Nate Anderson detailed the practice last month.)

According to the 13-page order, the FBI wanted to “surreptitiously install data extraction software on the Target Computer. Once installed, the software has the capacity to search the computer’s hard drive, random access memory, and other storage media; to activate the computer’s built-in camera; to generate latitude and longitude coordinates for the computer’s location; and to transmit the extracted data to FBI agents within the district.”

Neither an FBI spokesperson, nor Craig M. Feazel—who represents the FBI in this case and is an assistant United States Attorney—responded to Ars’ request for comment. Many civil libertarians, though, have raised serious questions as to what the government is up to.

“Hacking should be something that is the last resort, not the first option,” Chris Soghoian, principal technologist at the ACLU's Speech Privacy and Technology Project, told Ars. “No one knows anything about [how the FBI’s software works]. We know from a [Freedom of Information Act request] that there was a [Computer and Internet Protocol Address Verifier software], but this seems to be much more sophisticated. This sounds like the kind of [spyware] stuff that Gamma is selling. As a general rule, we don’t think law enforcement should be in the hacking business. It’s sexy, but it’s terrifying.”

"Little or no explanation"

According to the judge’s order (PDF), the FBI has no idea where the suspect actually is, but noted that the “IP address of the computer accessing Doe’s account resolves to a foreign country.”

While IP addresses can certainly be easily spoofed, assuming the suspect actually is outside the United States, that raises significant questions as to the appropriate use of such a warrant. The judge agreed, noting that the “government’s application does not satisfy any [existing territorial limits].”

Further, the judge cited the government’s failure to meet the Fourth Amendment’s requirement of “place to be searched, and the persons or things to be seized.”

The Government’s application contains little or no explanation of how the Target Computer will be found. Presumably, the Government would contact the Target Computer via the counterfeit e-mail address, on the assumption that only the actual culprits would have access to that e-mail account. Even if this assumption proved correct, it would not necessarily mean that the government has made contact with the end-point Target Computer at which the culprits are sitting. It is not unusual for those engaged in illegal computer activity to “spoof” Internet Protocol addresses as a way of disguising their actual online presence; in such a case the Government’s search might be routed through one or more “innocent” computers on its way to the Target Computer. The Government’s application offers nothing but indirect and conclusory assurance that its search technique will avoid infecting innocent computers or devices.

The judge also berated the government for its failure to explain how precisely it would target the suspect’s computer, the suspect, and no one else.

What if the Target Computer is located in a public library, an Internet café, or a workplace accessible to others? What if the computer is used by family or friends uninvolved in the illegal scheme? What if the counterfeit e-mail address is used for legitimate reasons by others unconnected to the criminal conspiracy? What if the e-mail address is accessed by more than one computer, or by a cell phone and other digital devices? There may well be sufficient answers to these questions, but the Government’s application does not supply them.

“This is the first time I've seen a public denial; the government has been very secretive about this surveillance tool and there hasn't been much litigation about it that I'm aware of,” Hanni Fakhoury, an attorney with the Electronic Frontier Foundation, told Ars. “I'm not surprised it came from Judge Smith. He's very outspoken on surveillance issues. His order finding cell site records protected by the Fourth Amendment is on appeal to the 5th Circuit (EFF argued the case). And he's issued orders denying requests for tower dump and a stingray before too.”

Good -- they shouldn't get a warrant. There's something obviously fishy going on in this case.

As others have mentioned -- why this one guy, whom they don't even seem to have much info on? How about all the corporations moving their money offshore?

I'd be willing to bet it is because the FBI doesn't consider what Apple, Google, etc (and the 1% in general) are doing to be a crime. This guy is probably involved in drugs -- possibly something heinous and completely anti-social like marijuana!

At least he isn't another one of these slack-jawed "I'd better do whatever the government wants because they're the government and that means they're automatically right" types.

In the mean time, Apple is borrowing money for dividends rather than repatriate money held overseas and pay taxes.

I think we need to focus on corporate criminals like Apple.

Ok fanbois, vote me off the island.

I'm no fan of Apple, but that has minimal relevance to the subject at hand.

I'm a Brit, and this strikes me as an unusually sensible decision by a Texan judge - isn't that the favoured location for patent troll filings? It's about time these kinds of things were reined in by the judiciary - your rights shouldn't be destroyed just because whatever content they're after is digital not analogue.

"A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.”"

This person is trying to offshore the money, probably to avoid taxes. Apple and their ilk have offshore manufacturing, so they park profits overseas by purchasing items from offshore holding companies. Apple does it legally, but the results are the same. Taxes are avoided.

Good ruling because as the judge noted there is no guarantee the software would be installed on the correct computer and only the correct computer. Plus there is no guarantee that only targets use the computer.

A semi-technical question - I did not see any comment on the OS used. Also, does anyone know if the OS can be spoofed when logging into say Gmail or surfing? Or does the FBI software use Java (note to self may be I should totally remove Java)?

In the mean time, Apple is borrowing money for dividends rather than repatriate money held overseas and pay taxes.

I think we need to focus on corporate criminals like Apple.

Ok fanbois, vote me off the island.

Get a brain. Apple probably pays more tax than any other corporation in America. They are not doing anything criminal, and if you think what they're doing is illegal then you should lobby to change the law to make it illegal. That's what democracy is about, do something about it instead of just bitching.

Also, they're an international corporation, with interests everywhere. They pay taxes in every country including the one I live in (where I suspect much of their money is held, since our economy is actually doing pretty good right now).

What is great is that likely this suspected hacker has gotten a red flag from this story and now knows to lay low, the FBI will just have to do real police work and earn their pay for once - rather than simply spying on civilians.

Say that this software ends up installed on the defendant's computer without his knowledge and the webcam is activated. He then decides, as many people are wont to do, to view some prurient material and masturbate in front of his computer. The government now has a digital video recording of someone masturbating. The situation is worse if the guy they are recording isn't the one they wanted. And the shit would really hit the fan if someone's <18 kid decided to sneak online, download a video, and whack one off, all for the government's kiddie-porn-watching eyes to record and transmit across state lines.

Good ruling because as the judge noted there is no guarantee the software would be installed on the correct computer and only the correct computer. Plus there is no guarantee that only targets use the computer.

A semi-technical question - I did not see any comment on the OS used. Also, does anyone know if the OS can be spoofed when logging into say Gmail or surfing? Or does the FBI software use Java (note to self may be I should totally remove Java)?

The FBI believes in security through obscurity, thus they don't provide any information on the spyware they use, Java is possible since it is OS agnostic, but requires Java to have been installed, it is also possible they have a native application for each of the major OSes.

In the mean time, Apple is borrowing money for dividends rather than repatriate money held overseas and pay taxes.

I think we need to focus on corporate criminals like Apple.

Ok fanbois, vote me off the island.

Multinational companies use wholly owned subsidiaries to operate in other countries. The issue is repatriation of overseas profits eventually back to the parent company. US corporate tax law is written such that any competent tax lawyer or accountant will recommend setting up a financial subsidiary to funnel the overseas profits into. Once the profits hit a US bank in the US the company must pay taxes on it, but if it stays offshore they do not owe any US tax.

Does the patriot act "just"ify pre-installing spyware on all computers sold in the US? I've always wondered.

Doesn't matter where you buy the computer. It will still have spyware.

Which is, among many reasons, why I don't buy (manufactured) a computer. I buy components, custom build kernels, &c. right up the tool-chain. Doesn't give absolute protection but would slow them down a tad. [I can do it, but custom designing my own chips is very time-consuming.]

As for the Patriot Act, since the FISA courts don't seem accountable to anyone, except (perhaps?!) SCOTUS, isn't it a moot point as to what the limits are in practical terms for what surveillance comes pre-installed? Which is what is pleasantly surprising about this magistrate. He does seem intent on the literal reading of the Constitution, which is a very good starting place in jurisprudence.

Definitely on my short-list of SCOTUS candidates. Perhaps we can have Agent Smith (laughing) in judicial drag for future appearances, hmmm...?

I'd be willing to bet it is because the FBI doesn't consider what Apple, Google, etc (and the 1% in general) are doing to be a crime. This guy is probably involved in drugs -- possibly something heinous and completely anti-social like marijuana!

The government considers any individual who lives overseas or has money overseas to be fishy.

But if you put your money in a corporation and then transfer money/assets to an overseas subsidiary to reduce your taxes, you're in the clear.

When did the judicial branch grow a backbone to stand up to the executive branch? Are we going to have rights in this country again? Now if only it would stop letting the legislative branch grant pardons when they pass "laws." Congress does not have that authority.

"A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.”"

This person is trying to offshore the money, probably to avoid taxes. Apple and their ilk have offshore manufacturing, so they park profits overseas by purchasing items from offshore holding companies. Apple does it legally, but the results are the same. Taxes are avoided.

The UK is central to all these tax avoidance schemes.

The UK is not central to these schemes. The schemes such as the ones used by Apple, Google and Microsoft are usually operated by funnelling operations to Ireland, which has a favourable corporation tax policy in comparison to the UK. The profits are then transferred to a Dutch holding company, which is then used to transfer the money to a tax haven such as Bermuda. The basic arrangement is called the Double Irish. But when you add the Dutch holding company it is a Double Irish with Dutch Sandwich.

Good ruling because as the judge noted there is no guarantee the software would be installed on the correct computer and only the correct computer. Plus there is no guarantee that only targets use the computer.

A semi-technical question - I did not see any comment on the OS used. Also, does anyone know if the OS can be spoofed when logging into say Gmail or surfing? Or does the FBI software use Java (note to self may be I should totally remove Java)?

The FBI believes in security through obscurity, thus they don't provide any information on the spyware they use, Java is possible since it is OS agnostic, but requires Java to have been installed, it is also possible they have a native application for each of the major OSes.

We can also assume that they have much nastier programs than the ones that were brought to the public when the whole HBGary/LulzSec saga was going on, i.e. Ars did excellent coverage and brought to light some incredible pieces of malware HBGary had developed... we can only wonder what was NOT uncovered.

I'm a Brit, and this strikes me as an unusually sensible decision by a Texan judge - isn't that the favoured location for patent troll filings? It's about time these kinds of things were reined in by the judiciary - your rights shouldn't be destroyed just because whatever content they're after is digital not analogue.

The FBI spy on the general public all the time without a warrant, for they are not intending to bring in any charges on that individual any time soon. They just want to see more of that suspect's Internet activities. But when the FBI is requesting a warrant on that suspect, that would be a whole different story; that individual is about to get charged in a court of law real soon. And before the warrant, the FBI already have enough evidence to do just that and nail that guy. That means the FBI already hacked into the suspect's computers for an unknown period of time and have gathered what they needed to bring that guy to justice.

What's with the warrant? A warrant is to make the bust legitimate and legal. "Hey, we just got this stuff off of that suspect after we obtained the warrant on this suspect's computers from a federal judge. Before that warrant we knew nothing about this suspect's illegal activities until then. Please believe us, fellow Americans, we are telling the truth, and nothing but the truth." Yea, right, FBI. We believe you, all the way.

Quote:

it is also possible they have a native application for each of the major OSes.

Absolutely. At this time of the century and beyond, you don't trust anyone but yourself, your own immediate family, your parents, your spouse, children, brothers and sisters, and no one else. Scary, scary..

But you can't take evidence from unwarranted warrant-requiring actions and use that to obtain a warrant. They must first have enough suspicion on their own (evidence acquired in the open) to go to courts and get a warrant. Anything that is warrant-requiring and gathered cannot be used to later obtain a warrant.

Get a brain. Apple probably pays more tax than any other corporation in america.

No, they hold the taxes they would have to pay if they weren't running a corporate tax shell game like all of the other corporations in case they have to pay those taxes. They aren't paying them, they just aren't reinvesting them.

Quote:

They are not doing anything criminal,

"criminal" should be in quotation marks. It's like "I'm not paying any less taxes than I have to!" argument. Actually, that's the actual argument.